|
821
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The BWD Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.18 in widgets/bwdeb-content-switcher.php. This makes it possibl…
|
CWE-200
Information Exposure
|
CVE-2024-12532
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
822
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal.
An attacker can write to arbitr…
|
-
|
CVE-2024-12425
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
823
|
5.3 |
MEDIUM
Network
-
|
-
|
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.…
|
CWE-862
Missing Authorization
|
CVE-2024-12316
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
824
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sync_libraries() function in all versions up to, and including, 4.8.5. This makes…
|
CWE-862
Missing Authorization
|
CVE-2024-12033
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
825
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11826
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
826
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affe…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-22364
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
827
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Powerfusion WPAchievements Free allows Stored XSS.This issue affects WPAchievements Free: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22362
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
828
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PJFC SyncFields allows Reflected XSS.This issue affects SyncFields: from n/a through 2.1.
|
CWE-79
Cross-site Scripting
|
CVE-2025-22359
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
829
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising ma…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22358
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
830
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Plugins Target Notifications allows Reflected XSS.This issue affects Target Notifications:…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22357
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
